Permalink
Commits on Mar 2, 2012
  1. Actually make URI.DisableResources do something.

    ezyang committed Mar 2, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Feb 18, 2012
  1. Bugfix: _blank not blank.

    ezyang committed Feb 18, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Jan 25, 2012
  1. Update NEWS.

    ezyang committed Jan 25, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Jan 19, 2012
  1. Release 4.4.0

    ezyang committed Jan 19, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Jan 18, 2012
  1. Make all of the tests work on all PHP versions.

    ezyang committed Jan 18, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  2. Avoid doing stupidly clever reflection tricks that make old PHP versi…

    ezyang committed Jan 18, 2012
    …ons sad.
    
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  3. Modernize some of the testing facilities.

    ezyang committed Jan 18, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Jan 17, 2012
  1. Tighter CSS selector validation.

    ezyang committed Jan 14, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Jan 6, 2012
  1. Remark about bypassing host list with punycode.

    ezyang committed Jan 6, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  2. Optional support for IDNAs with PEAR Net_IDNA2

    ezyang committed Jan 6, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Jan 3, 2012
  1. Remove PEARSax3 lexer.

    ezyang committed Jan 3, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Dec 30, 2011
  1. Make forms work for transitional doctypes.

    ezyang committed Dec 30, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Dec 27, 2011
  1. Remove inscrutable TODO, optionalize another.

    ezyang committed Dec 27, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  2. Add note about superseding modules in TODO.

    ezyang committed Dec 27, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Dec 26, 2011
  1. Bump minor version number to 4.4.0.

    ezyang committed Dec 26, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  2. Add test for invalid SafeIframe usage.

    ezyang committed Dec 26, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  3. Implement Iframe module, and provide %HTML.SafeIframe and %URI.SafeIf…

    bfroehle authored and ezyang committed Feb 14, 2011
    …rameRegexp for untrusted usage.
    
    The purpose of this addition is twofold. In trusted mode, iframes are
    now unconditionally allowed.
    
    However, many online video providers (YouTube, Vimeo) and other web
    applications (Google Maps, Google Calendar, etc) provide embed code in
    iframe format, which is useful functionality in untrusted mode.
    You can specify iframes as trusted elements with %HTML.SafeIframe;
    however, you need to additionally specify a whitelist mechanism such as
    %URI.SafeIframeRegexp to say what iframe embeds are OK (by default
    everything is rejected).
    
    Note: As iframes are invalid in strict doctypes, you will not be able to
    use them there.
    
    We also added an always_load parameter to URIFilters in order to support
    the strange nature of the SafeIframe URIFilter (it always needs to be
    loaded, due to the inability of accessing the %HTML.SafeIframe directive
    to see if it's needed!)  We expect this URIFilter can expand in the future
    to offer more complex validation mechanisms.
    
    Signed-off-by: Bradley M. Froehle <brad.froehle@gmail.com>
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  4. Add more attributions.

    ezyang committed Dec 26, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  5. Implement %HTML.AllowedComments and %HTML.AllowedCommentsRegexp

    ezyang committed Dec 26, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  6. Fix broken table content model, easily seen in XHTML1.1

    ezyang committed Dec 26, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  7. Properly handle nested sublists by folding into previous list item.

    ezyang committed Dec 26, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  8. Implement %HTML.TargetBlank

    ezyang committed Dec 25, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Dec 25, 2011
  1. Add isBenign and getDefaultScheme methods.

    ezyang committed Dec 25, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  2. Add a little bit of documentation about contexts for URIFilters.

    ezyang committed Dec 25, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  3. Core.EscapeNonASCIICharacters now always works, even if target is UTF-8.

    ezyang committed Dec 25, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  4. Add support for scope attribute on td and th.

    ezyang committed Dec 25, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  5. Add one more test for SPL autoload defaults.

    ezyang committed Dec 25, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  6. Fix iconv truncation bug.

    ezyang committed Dec 24, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Dec 18, 2011
  1. Remove spurious abstract definition; PHP 5.4 doesn't like that.

    ezyang committed Dec 18, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  2. Don't unset parser variable; plays poorly with serialize.

    ezyang committed Sep 22, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Aug 24, 2011
  1. Typofix.

    ezyang committed Jul 16, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  2. Don't add nofollow for matching hosts, generalize this code.

    ezyang committed Jun 12, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  3. Update INSTALL to avoid missing config snafu, update usage.xml.

    ezyang committed Jun 11, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  4. Do not duplicate nofollow attribute in transform.

    ezyang committed Jun 11, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Apr 19, 2011
  1. Explicitly initialize anonModule to null.

    ezyang committed Apr 19, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>